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DETAILED ACTION 

1 . A request for continued examination under 37 CFR 1.114, including tine fee set fortli 
in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
7/14/08 has been entered. 

Response to Amendment 

2. Applicant arguments have been carefully considered. 

3. Applicant arguments are essentially directed towards the newly introduced 
limitations which required new search and consideration. Applicant arguments are 
moot in light of newly offered rejection. The newly introduced limitations are 
explicitly addressed in this Office Action, below. 

4. Claims 1-8, 18-25 and 34-41 . 

The text of those sections of Title 35, U.S. Code not included in this action can be 
found in a prior Office action. 

Claim Objections 

5. Claims 1-2, 18-19 and 34-35 objected to because the body of the claims do not 
support in claim's preamble. Although claims are directing towards facilitating 
authentication, no authentication steps are recited in claims 1-2, 18-19 and 34-35. 

6. Claims 3-8, 20-25 and 36-41 are objected to by virtue of their dependence. 
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Claim Rejections - 35 USC § 103 

7. Claims 1-4, 18-21 and 34-37 remain rejected under 35 U.S.C. 103(a) as being 
unpatentable over Aura (USPN 671 1400) or, in alternative over Aura in view of 
Netanel (USPUB 2003/0166398). 

As per claims 1,18 and 34, Aura discloses a system and a method for facilitating 
authentication in a wireless network comprising: 

a. receiving an initial nonce value (RAND1 ) and a mobile station message 
authentication code value (IMS!) from a serving mobile network (VPLMN) 
in an authentication data request (data comprising IMSI, RAND1 values) 
associated with a user device (MS), the initial nonce value originating from 
the user device (object 401 , Fig. 4) and the message authentication code 
value is determined at the mobile station from data originating from the 
user device (A user station is a subset of mobile station MS; thus data 
such as IMSI in a user station is a subset of all MS' data. Thus the user 
device sending the message authentication code value must be 
determined at the mobile station. See USPUB 2003/0157926, for 
example). 

b. generating a subsequent nonce value (RAND2) from the initial nonce 
value based on a first authentication function that is shared with the user 
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device (object 404, algoritlims A3 and A8, Fig. 4, col. 2 lines 27-col. 3 line 
19); 

c. generating an authentication vector (405) associated with the user device, 
the authentication vector including the subsequent nonce value; and 
transmitting the authentication vector to the serving mobile network (Fig. 
4). 

8. In Aura's invention the message authentication code value is determined (includes) 
only the data originating from the user device (IMS!) but does not teach data 

originating from serving mobile network. 

However, this difference is only found only in non-functional limitation descriptive 
material and do not alter the essence of the method disclosed by Aura (i.e., the 
descriptive material does not affect facilitating authentication). Thus, this descriptive 
material will not distinguish the claimed invention from the prior art in terms of 
patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. CIr. 
1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994). 

9. Additionally, it is noted that Aura's invention offers two-way authentication, wherein 
MS and HLR/AUC are authenticated (see Aura, Fig. 4). Starting the authentication 
process at the HLR/AUC side would have been an obvious variation of the two-way 
authentication disclosed by Aura (there is only predictable number of solution: i.e. 
the process started at MS, HLR/AUC or VPLMN. See KSR ruling). Note that 
starting the process at HLR/AUC (HLR/AUC initiate a random value to be sent to 
MS, then MS operate on the random value to generate a second random value and 
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sending the second random value witli IMSI, tliat tlien would be verified by 
VLR/AUC (verification would create a subsequent random value)) would meet the 
claimed limitation. 

10. Furthermore, Netanel teaches the message authentication code value in addition to 
the value determined on the data originating from the user device 
(IMSI/MSIDSIwalD) also discloses data originating from serving mobile network 
(RAND is received from BS/MSCA/LR). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to include data determined at the mobile station and originated from the 
serving mobile network in the message authentication code value as taught by 
Netanel given the benefit of session authentication (see Fig. 1A and associated text, 
for example). 

11 .As per claims 2, 19 and 35, Aura discloses receiving an International Mobile Station 
Identifier (IMSI) corresponding to the user device from the serving mobile network 
(Fig. 4). 

12. As per claims 3-4, 20-21 and 36-37, Aura discloses receiving a visiting location 
register randomized authentication value (SRES1), a mobile station randomized 
authentication value (Kc) and a mobile station message authentication value 
(SRES2'), generating a visiting location register randomized authentication value 
(SRES2) based on the visiting location register randomized authentication value and 
determining whether the visiting location register randomized authentication value 
(carried out by evaluating a second authentication function with the visiting location 
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register randomized autlientication value and the mobile station randomized 
authentication value as inputs) equals the mobile station message authentication 
(409). 

Allowable Subject Matter 

Claims 5-8, 22-25 and 38-41 overcome the art of record. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Peter Poltorak whose telephone number is (571 ) 272- 
3840. The examiner can normally be reached Monday through Thursday from 9:00 
a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571 ) 272-381 1 . The fax phone number 
for the organization where this application or proceeding is assigned is (571 ) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status Information for unpublished applications is available through Private PAIR only. 
For more Information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



/Peter Poltorak/ 
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